Security Related Links

Security Lists & Frameworks

Curated references for practitioners. Bookmark this page.

CISA Known Exploited Vulnerabilities Live

Last updated: 2025-12-11T19:12:53.4105Z · Total CVEs: 1473

CVEVendorProductAddedDescription
CVE-2025-58360OSGeoGeoServer2025-12-11OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request.
CVE-2025-6218RARLABWinRAR2025-12-09RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.
CVE-2025-62221MicrosoftWindows2025-12-09Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
CVE-2022-37055D-LinkRouters2025-12-08D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CVE-2025-66644Array Networks ArrayOS AG2025-12-08Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.
CVE-2025-55182MetaReact Server Components2025-12-05Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.
CVE-2021-26828OpenPLCScadaBR2025-12-03OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
CVE-2025-48633AndroidFramework2025-12-02Android Framework contains an unspecified vulnerability that allows for information disclosure.
CVE-2025-48572AndroidFramework2025-12-02Android Framework contains an unspecified vulnerability that allows for privilege escalation.
CVE-2021-26829OpenPLCScadaBR2025-11-28OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.
CVE-2025-61757OracleFusion Middleware2025-11-21Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.
CVE-2025-13223GoogleChromium V82025-11-19Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.
CVE-2025-58034FortinetFortiWeb2025-11-18Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
CVE-2025-64446FortinetFortiWeb2025-11-14Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
CVE-2025-12480GladinetTriofox2025-11-12Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.
CVE-2025-62215MicrosoftWindows2025-11-12Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-level access.
CVE-2025-9242WatchGuardFirebox2025-11-12WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.
CVE-2025-21042SamsungMobile Devices2025-11-10Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.
CVE-2025-48703CWPControl Web Panel2025-11-04CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command Injection vulnerability that allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.
CVE-2025-11371GladinetCentreStack and Triofox2025-11-04Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files.
CVE-2025-41244BroadcomVMware Aria Operations and VMware Tools2025-10-30Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
CVE-2025-24893XWikiPlatform2025-10-30XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.
CVE-2025-6204Dassault SystèmesDELMIA Apriso2025-10-28Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitrary code.
CVE-2025-6205Dassault SystèmesDELMIA Apriso2025-10-28Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain privileged access to the application.
CVE-2025-54236AdobeCommerce and Magento2025-10-24Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.

View KEV JSON

EPSS – Exploit Prediction Scoring System Live

Error loading EPSS: HTTP 403